If you have ever used SWFupload with PHP application using session authentication you could run into similar problem.
Your users are able to upload multiple files using flash uploader after they log into your website. While their browser have no problem with cookie / session handling, flash application ignores session id and in the result, instead of typical ajax result – your reply from server will contain a page with a login form.
This is a very old bug(?), reported back in 2007 (or even before), still available in newest flash player.
Bug affects following browsers / versions:
- Firefox / Opera / Chrome
- Flash player 9
- SWFUpload v220.127.116.11
There are few workarounds out there, according to Evert Pot and his blog.
In case you are working on a bigger project, where you cannot simply override authorisation I suggest simply upgrading SWFUpload to SWFUpload v2.5.0 Beta 3 – it should do the trick, but beware that it is still beta, unstable version!
I’ve spent too much time to debug this, so for all of you going the same way – please follow my guidelines so you can spend additional hours with your family.